Hackers Hijacked Google’s Gemini AI With a Poisoned Calendar Invite to Take Over a Smart Home. For likely the first time ever, security researchers have shown how AI can be hacked to create real-world havoc, allowing them to turn off lights, open smart shutters, and more.
North Korean operatives seeking and gaining technical jobs with foreign companies kept CrowdStrike busy, accounting for almost one incident response case or investigation per day in the past year, the company said in its annual threat hunting report released Monday.
Generative AI and LLM technologies have shown great potential in recent years, and for this reason, an increasing number of applications are starting to integrate them for multiple purposes. These applications are becoming increasingly complex, adopting approaches that involve multiple specialized agents, each focused on one or more tasks, interacting with one another and using external tools to access information, perform operations, or carry out tasks that LLMs are not capable of handling directly (e.g., mathematical computations).
On June 25, Google released Gemini CLI, an AI agent that helps developers explore and write code using Google Gemini, directly from their command line.
On June 27, Tracebit reported a vulnerability to Google VDP which meant Gemini CLI in its default configuration could silently execute arbitrary malicious code on a user's machine when run in the context of untrusted code. Crucially, this can be achieved in such a way as to obscure this from the victim of the attack.
This discovery was ultimately classified by Google VDP as a P1 / S1 issue and fixed in v0.1.14 released July 25 with agreed disclosure date July 28.
Check if your password has appeared in known data breaches
Snowflake comes embedded in Tor-powered apps like Tor Browser, Orbot, and Ricochet-Refresh. If any of these apps can’t connect to the Tor network, you can use Snowflake to unblock Tor.
Bienvenue sur Hackropole. Cette plateforme vous propose de rejouer les épreuves du France Cybersecurity Challenge tout au long de l'année dans le but de découvrir et de vous former à divers domaines de la cybersécurité.
